Client side certificate with strong key protection and WebServices

Published 17 February 05 10:46 AM | adarshk 

When you are writing application to run as service or middle tier, which is using client certificates. You should not enable strong key protection during certificate installation.

Strong key protection is the way you are informing the system that whenever someone want to use this protected resource (client certifcate) then prompt me for the permission. In middle tier environment you really do not want this prompt, you really want to run your application unattended. In fact with .Net frameworks 1.1, SP1 you won't be able to use the certificate with strong key protection.

Check the posting from Kevin W. Hammond about his experience on this issue

http://blogs.msdn.com/kevinha/archive/2005/02/15/373254.aspx

 

This posting is provided "AS IS" with no warranties, and confers no rights

 

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

# Overdrive said on March 7, 2005 12:17 PM:
But what can I do to connect to a SSL server with client certificates if i run the code in a w2000 with framework 1.1?
Ok, I create a pfx file with the private key and not enable strong key protection?
But how I read the file if the X509Certificate.CreateFromSignedFile function didn´t have a password parameter?
It works with pfx files?
# lunchbox said on November 5, 2007 8:23 AM:

http://pameo.com/christmas/baldwin-christmas-ornaments.php

# Problem Using WSE 3.0 With a Certificate Stored on Smart-Card | keyongtech said on January 21, 2009 11:11 PM:

PingBack from http://www.keyongtech.com/560715-problem-using-wse-3-0-a

# Adarsh s blog Client side certificate with strong key protection and | Outdoor Decor said on June 13, 2009 5:40 PM:

PingBack from http://outdoordecoration.info/story.php?id=3917

# Adarsh s blog Client side certificate with strong key protection and | garden statues said on June 19, 2009 4:33 AM:

PingBack from http://gardenstatuesgalore.info/story.php?id=1787

Leave a Comment

(required) 
(optional)
(required) 

  
Enter Code Here: Required

Search

This Blog

Syndication

Adarsh Khare works at Microsoft. Everything here, though, is his personal opinion and is not read or approved by Microsoft before it is posted. No warranties or other guarantees will be offered as to the quality of the opinions or anything else offered here.
Page view tracker